Lorem ipsum dolor sit amet, consectetur adipiscing elit. Vivamus convallis sem tellus, vitae egestas felis vestibule ut.

Error message details.

Reuse Permissions

Request permission to republish or redistribute SHRM content and materials.

What does the Sarbanes-Oxley Act (SOX) have to do with HR?

The Sarbanes-Oxley Act is a far-reaching piece of legislation signed into law in July 2002. There are two major areas of interest in the act for HR professionals: the whistleblower provisions and the 401(k) plan blackout provisions.

The act prohibits publicly traded companies from taking any adverse employment action against an employee because of his or her protected whistleblowing activities. Protected are employees who raise allegations of fraud to a federal agency, a member of Congress, any person with supervisory authority over the employee or any other person working for the company who has the authority to investigate, discover or terminate misconduct.

Employees are protected by the act if they “reasonably believe” they know of conduct that involves violation of federal securities laws, the rules or regulations of the Securities and Exchange Commission, or any provision of federal law relating to fraud against shareholders. The employee is protected even if the allegations prove to be incorrect or unsubstantiated. This provision appears to be very broad and very likely to involve HR if employees indicate they have information about fraudulent activities.

The second area of interest to HR practitioners is the 401(k) blackout period notice requirement. A blackout period is any period of more than three consecutive business days during which participants or beneficiaries of a 401(k) plan cannot direct or diversify assets credited to their accounts, or obtain loans or distributions. The act requires plan administrators (often HR or consultants under the direction of HR) to provide notices to affected participants and beneficiaries at least 30 days in advance of covered blackout periods. The notice must be in writing and stated in a way that the average plan participant can understand. If the blackout period prevents at least 50 percent of plan participants from engaging in transactions involving company stock held in their plan accounts, then the act also prohibits directors or executive officers from engaging in trading involving company stock held outside the plan during the blackout period. This applies to any stock acquired in connection with the insider’s services or employment.


​An organization run by AI is not a futuristic concept. Such technology is already a part of many workplaces and will continue to shape the labor market and HR. Here's how employers and employees can successfully manage generative AI and other AI-powered systems.